Russian Federation implicated in massive cyber-attacks on American government agencies
- by Joann Nelson
- Dec 19, 2020
Microsoft used SolarWinds Corp.'s networking management software, which was used by suspected Russian hackers to infiltrate U.S. agencies and companies.
In an update Thursday, the U.S. Cybersecurity and Infrastructure Security Agency said the attacks pose "a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations".
At least three state governments were compromised in a widespread hacking operation that's also swept up much of the federal government and that US authorities believe is the work of Russian government-backed actors, it was reported Thursday.
Investigators initially feared that attackers may have created false data, but it seems like they were only interested in accessing actual data.
That was because customers of SolarWinds network monitoring tools include many branches of the United States government.
Microsoft recently revealed that malicious software was detected in its systems associated with a huge hacking campaign recently disclosed by U.S. officials.
President-elect Joe Biden issued a statement Thursday strongly condemning the massive hack of the software firm SolarWinds that compromised hundreds of U.S. entities.
Internal email traffic at the US Treasury and US Commerce departments was compromised, and the US Energy Department has now also said it has evidence hackers gained access to its networks as part of the campaign.
CISA previously issued an emergency directive on December 13 ordering all federal agencies to disconnect SolarWinds Orion products immediately and check their networks for signs of compromise.
But the attackers might have installed additional ways of maintaining access in what some have called the biggest hack in a decade.
According to CISA, the cybersecurity wing of the NSA, hackers are now known to have at least monitored emails from the Treasury, State, Commerce and Homeland Security Departments as well as parts of the Defense Department.
According to SolarWinds, around 18,000 customers received the malicious software updates, giving the hackers a backdoor into their networks.
"This is not 'espionage as usual,' even in the digital age", Smith wrote.
"We have learned in recent days of what appears to be a massive cybersecurity breach affecting potentially thousands of victims, including U.S. companies and federal government entities", the Biden transition team said in a statement. "Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world", Smith said.
Microsoft, the U.S. Energy Department and the National Nuclear Security Administration, which oversees the nation's nuclear weapon stockpile, were all reportedly targeted in the breach. "We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners".
CISA did not identify who was behind the malware attack, but private security companies pointed a finger at hackers linked to the Russian government.
But in a blog post, calling for a global response to what he describes as a moment of reckoning, Microsoft's president, Brad Smith, says his own company's investigations confirm that this was an attack "remarkable for its scope, sophistication and impact".
Among the business sectors scrambling to protect their systems and assess potential theft of information are defense contractors, technology companies and providers of telecommunications and the electric grid.